Access, Problem, Incident and Event Management
Table of Contents
Analysis of access and event management implementation. 8
Definition of Key Terms
ITIL Information Technology Information Library
IT Information Technology
CSFs Critical Success Factors
CM Configuration Management
CI Configuration Items
SLAs Service Level Agreements
Executive Summary
Modern organizations are facing operational complexities due to the fast changing operating environment. In order to remain competitive companies are adopting modern information technology applications. These modern IT applications have the capability to support a lot of uses that enable organizations to achieve their visions. These include access, event, problem and incident management capabilities. These capabilities ensure these IT resources can be used securely, are user friendly, adaptable and can be customized to meet the specific needs of each organization. These applications also can be configured to report any problems and incidents that pose danger to business operations to ensure they are resolved in time.
Introduction
Modern organizations face an unprecedented level of turmoil and dynamism due to increasing environmental turbulence in modern times. This turmoil is triggered by among other things; rapid globalization, rapid changes in technology, increasing competition and complexities in customer needs (RANUM, 2004). Modern companies are encountering increasing complexities in their day to day operations. In order to achieve competitive advantage, organizations are turning to modern information technology applications which have access, event, problem and incident management capabilities inbuilt in them (Anonymous, 2009).
Main report
Access management offers organizations the ability to control access to computing resources to ensure that only those who are supposed to have access to certain applications access them. This ensures that there is accountability in the use of resources within an organization (Anonymous, 2009). This is because if information falls into the hands of the wrong people it can jeopardize an organization’s survival. Controlled access into computing resources also increases competitive advantage by ensuring clients issues are addressed on time. Access rights can be acquired through service requests through the help/service desk in an organization. In modern organizations access requests by staff wishing to access computer applications must be approved by line managers to ensure accountability and enhance security (Anonymous, 2011).
Event management is supposed to smooth out business bumps before they grind an organization into a halt. Business bumps could include virus attacks, computer outages, loss of valuable information, service outages, security breaches etc (BARTHOLOMEW, 2002). Modern information technology applications are not only highly scalable and robust but have the strategic vision of addressing evolving enterprise requirements. Modern applications are able to map and prioritize events that have huge business impact and optimize event-to-incident/problem resolution processes. Modern applications are able to integrate the whole process of event-to incident to service desk tools (Anonymous, 2006). This ensures that events are escalated either functionally or within the organizational hierarchy to ensure they are resolved on time. For example, when the status of a major customer account is noted to be falling into huge arrears event management interface could notify the finance manager and the chief executive officer which could initiate corrective measures to remedy the situation (Anonymous, 2006).
Problem management is a computer interface that enables resolution of underlying issues that may lead to incidents. Recurrent incidents are very detrimental to an organization as they may lead to erosion of market share, loss of competitive edge or eventual closure of an organization (Anonymous, 2006). Know error record is maintained in problem management to assist system administrators to resolve issues. Modern organizations are currently moving from a system of reactive problem management to proactive problem management (WOLF, 2004). Timescale setting in problem management is very important to ensure system problems are resolved on time to forestall adverse impact on business operations. Help/Service desk is very important in problem and incident management as it receives problems and incidents from users or events and escalates them to system administrators and/ or developers to resolve (Investment Weekly News, 2011).According to WOLF (2004) problems can be detected by service desk functions/tools that receive notifications from users and other applications. Problems can also be detected by operational personnel who interact with a system on daily basis. Modern systems have fault management systems that detect incidents which may also point out problems that require resolution. Problem management models are important in effective problem resolution and management as they lay out the processes/procedures that must be adhered to in problem resolution within SLAs (Investment Weekly News, 2011).
Incident management is a very important computer interface that enables incidents to be detected on time and resolved before they have an adverse impact on the operations of a business. Incidents could include virus attack, downtimes, internet outages, unauthorized access etc. Modern incident management requires that timescales are established to ensure incidents are resolved on time and normal operations are restored (Anonymous, 2006). Modern organizations prioritize incidents to ensure serious incidents with the highest potential to impact business operations are resolved fast to reduce their impact on business operations. Incident management models are developed by progressive organizations to ensure efficient management of incidents (Anonymous, 2005). These models ensure incidents are resolved on time and expeditiously. Critical success factors (CSFs) in incidence management include establishing an effective help/service desk to resolve and escalate incidents, ensuring incident detection and resolution procedures are in place and well understood, and ensuring skilled incident resolution personnel are in place. For example in the case study of Purbeck Oil and Gas it has been noted that unexplained service outages have been long and frequent (Anonymous, 2005). The call centre recorded a total of five security breach notifications. The organization has also noted that staff does not seem to appreciate the importance of configuration management (CM) which is a pointer to poor IT skills within the organization (Anonymous, 2010). The unexplained service outages are incidents that require effective incident management models to resolve. The service outages pose a threat to business operations and require immediate resolution. These frequent service outages are a pointer to serious underlying issues that require problem management interface to resolve. The five reported security breaches imply that the organization does not have effective access management in place to vet those who access its IT systems. The security breach notifications point to good event management within the system which escalates events to the call centre once they occur (Anonymous, 2010).
Analysis of access and event management implementation
Access and event management processes are crucial in ensuring ITIL conformant solutions for problems and incidents identified achieve the intended objectives. Access management ensures only the right users of certain computer applications access them thereby blocking those who are not authorised to access the services (KIM, 2007). Access management executes organizations policies and actions defined in security and availability management of ITIL. In modern organizations access rights are granted by the access and availability manager. The role of the access and availability manager is to grant access rights to IT resources and applications (KIM, 2007). He/she also restricts the availability of the service and vets those who request to be granted access rights to ensure the interests of the organization are secured. The access manager also revokes the rights whenever he deems necessary. In modern organizations whenever a staff member requests for access rights to certain computer software to perform certain tasks he/she completes access rights request form that must be signed/approved by the respective line manager and access manager before the rights are granted (Anonymous, 2005).
Event management on the other hand may be inbuilt in the system and can be used to inform, warn or report exceptional events. Information events are normally used to inform staff on certain occurrences. These might include attainment of certain targets, receipt of funds, sales levels at certain periods etc. Warning events are normally used to inform staff about particular occurrences that are worth noting (SHEN, LIN and ROHM, 2009). These may result in incidents or not. Exceptional events are normally incidents which demand for resolution to forestall disruption to business operations. Event management require configuration of items (CIs) to ensure events are noted and channelled to the help desk. Service desk personnel are supposed to resolve the events or escalate them to the right technical staff to resolve (FOUAD, 2005).
The reported major incident which was resolved by the incident management team in a financial services company in 40 minutes but resulted in aftershocks that lasted for a period of 80 minutes is a classic case of poor incident and problem management process. Good incident management process requires that timescales be set in resolving incidents (KIM, 2007). Incidents must be prioritized to ensure those incidents that pose a huge impact on the business of an organization are given a lot of attention and are resolved within set time frames to forestall disastrous impact on business operations. According to WINTER (2006) repeated occurrence of incidents poses the risk of completely disabling the operations of an organization. Problem management in meant to identify underlying issues that cause incidents and enable resolution of problems because they cause major incidents like the one experienced by the financial company. Aftershocks were caused by underlying problems that had not been identified and resolved. An error record is very important and would assist the organization to keep track of major errors and thereby develop methods of resolving major problems (CONRY-MURRAY, 2005). Purbeck Oil and Gas faces challenges with financing IT infrastructure as the finance manager feels that the IT manager does not factor in cost implications of the decisions that he makes. Event management will help solve the problem because the finance manager will be notified about major events that have a huge impact on KPIs of the company once they happen. This will enable him to appreciate the value of IT infrastructure and reduce his opposition towards expenditure on IT resources (BASU, GOPINATH, ANJUM and HOTCHKIES, 2009).
The importance of the help desk/service desk cannot be overemphasized. The help/service desk at Purbeck oil and Gas can help the organization to coordinate various important affairs in the company. These could include recording incidents and resolving them where they can. The service desk can monitor performance levels at various workstations and report progress of various important tasks (FEST, 2005). This will ensure minor incidents are recorded and resolved before they become major incidents. The solution to the problem at the financial institution is to institute incident management process that ensures incidents are reported on time before they pose a big threat (KALIN, 2005). Instituting a good event management process can also ensure exceptional events are recorded at the service desk. This will ensure incidents are escalated to the technical staff who can resolve them on time before they pose major security risk to an organization (NEEL, 2005)
An ITIL conformant solution is important because it has a lot of advantages. The first advantage is that it can be implemented quite fast and progress is easily monitored than a manual process. An ITIL conformant solution enables an organization to manage risks that pose a threat to its business (CONRY-MURRAY, 2005). An ITIL conformant solution is fast, effective and can be applied in a large organization. The main disadvantage is that staff may not have the necessary skills to implement the solution effectively which may lead to failure. The other disadvantage is that it may be very expensive to implement (LUDWIG, HOGAN, JALUKA, LOEWENSTERN and AL, 2007).
Conclusions and Summary
In conclusion event, incident, problem and access management are important functionalities that complement each other. Event management can help to identify incidents that require resolution before they pose danger to businesses operations. Incidents that keep on recurring are a pointer to underlying issues that need to be addressed through problem management models. The service desk is very important in ensuring event, incident, problem and access management function effectively in an organization
Recommendations
Organizations must train their staff continually to enable them utilize computer resources available in the organization effectively. For IT applications to function effectively a service desk staffed with well trained and knowledgeable staff is very important since it coordinates the various applications and reports problems that are encountered in the day to day use of computing resources. Each organization must put in place effective access, incident, problem and event management processes to ensure it benefits from the computing capabilities offered by modern ITIL.
References
Anonymous (2011, Feb 15). RSA Launches Industry’s First End-to-End Incident
Management Solution. PR Newswire.
Anonymous (2010, Sep 09). IT Monitoring and Incident Management Mobilized to a Whole
New Level with Rove Mobile Admin 6.0. Business Wire.
Anonymous (2009, Sep 09). Concerro Adds Location-Based Graphical Interface to
CommandAware(R) Hospital Incident Management System. Business Wire.
Anonymous (2005, Nov 07). Intergraph’s Incident Management Solution on Display at 12th
ITS World Congress. Business Wire, 1
Anonymous2006, Jun 07. BMC Software’s Competitive Thrust Continues; – New BSM
solutions deliver unparalleled early warning and problem response capability; –
Proactive incident and problem management, unified service level management
solutions help customers align IT resources with business service metrics. PR
Newswire, 0.
Anonymous (2006, Jun 21). Gartner recognize HP as “Leader” in Enterprise Computing
Solutions. Al Bawaba, 1.
Anonymous (2006, Mar 27). RealOps Announces Immediate Availability of AMP Network
Problem Management Module; Module Drives ITIL-Based Automation of Network
Problem Management Processes in IT Operations. Business Wire, 1.
Anonymous(2005, Feb 14). GuardedNet(R) Launches Latest Innovation in Security
Information Management. PR Newswire, 1.
BARTHOLOMEW, D., (2002). Event management: Hype or hope? Industry Week, 251(4),
- 29- 33.
BASU, A., GOPINATH, D., ANJUM, N. and HOTCHKIES, S., (2009). Feedback in incident
reporting – more needed. Clinical Governance, 14(1), pp. 38-41
CONRY-MURRAY, A., (2005). Security Event Management Gets Specialized. IT
Architect, 20(11), pp. 29-37.
Data Storage Device Companies; RSA Launches Industry’s First End-to-End Incident
Management Solution. (2011).Investment Weekly News, , pp. 1266.
FEST, G., (2005). Identity Management: A Corporate Headache Fuels It Splurge ; Access-
rights oversight climbs the company ladder. Bank Technology News, 18(9), pp. 1-
1,46+.
FOUAD, T., (2005). UNIFYING INCIDENT MANAGEMENT: OPEN
CHANNELS. Occupational Health & Safety, 74(6), pp. 69-72.
KALIN, S., (2005). How to tackle Identity and Access Management. CIO, 19(5), pp. 1.
KIM, J.K., (2007). Three essays on critical incident management systems, State University of
New York at Buffalo.
LUDWIG, H., HOGAN, J., JALUKA, R., LOEWENSTERN, D. and AL, E., (2007).
Catalog-based service request management. IBM Systems Journal, 46(3), pp. 531-548.
NEEL, D., (2005). FRONTRANGE COUPLES HELP-DESK, IT SERVICE
MANAGEMENT TOOLS. CRN, (1137), pp. 27.
RANUM, M.J., (2004). Beyond Security Event Management. Network Magazine, 19(6), pp.
74.
SHEN, Y., LIN, F. and ROHM, C.E.T., (2009). A Framework for Enterprise Security
Architecture and Its Application in Information Security Incident
Management. Communications of the IIMA, 9(4), pp. 9-19.
WINTER, M., (2006). Problem structuring in project management: an application of soft
systems methodology (SSM). The Journal of the Operational Research
Society, 57(7), pp. 802-812.
WOLF, L.J., (2004). Can You Handle the Headaches? Analyzing and Optimizing the
Effectiveness of the Incident Management Process. Information Systems
Security, 13(5), pp. 9-20.
Last Completed Projects
| topic title | academic level | Writer | delivered |
|---|
Are you looking for a similar paper or any other quality academic essay? Then look no further. Our research paper writing service is what you require. Our team of experienced writers is on standby to deliver to you an original paper as per your specified instructions with zero plagiarism guaranteed. This is the perfect way you can prepare your own unique academic paper and score the grades you deserve.
Use the order calculator below and get started! Contact our live support team for any assistance or inquiry.
[order_calculator]